User.php 4.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209
  1. <?php
  2. namespace common\models;
  3. use Yii;
  4. use yii\base\NotSupportedException;
  5. use yii\behaviors\TimestampBehavior;
  6. use yii\db\ActiveRecord;
  7. use yii\web\IdentityInterface;
  8. /**
  9. * User model
  10. *
  11. * @property integer $id
  12. * @property string $username
  13. * @property string $password_hash
  14. * @property string $password_reset_token
  15. * @property string $email
  16. * @property string $auth_key
  17. * @property integer $status
  18. * @property integer $created_at
  19. * @property integer $updated_at
  20. * @property string $password write-only password
  21. */
  22. class User extends ActiveRecord implements IdentityInterface
  23. {
  24. const STATUS_DELETED = 0;
  25. const STATUS_ACTIVE = 10;
  26. /**
  27. * @inheritdoc
  28. */
  29. public static function tableName()
  30. {
  31. return '{{%user}}';
  32. }
  33. /**
  34. * @inheritdoc
  35. */
  36. public function behaviors()
  37. {
  38. return [
  39. TimestampBehavior::className(),
  40. ];
  41. }
  42. /**
  43. * @inheritdoc
  44. */
  45. public function rules()
  46. {
  47. return [
  48. ['status', 'default', 'value' => self::STATUS_ACTIVE],
  49. ['status', 'in', 'range' => [self::STATUS_ACTIVE, self::STATUS_DELETED]],
  50. ];
  51. }
  52. /**
  53. * @inheritdoc
  54. */
  55. public static function findIdentity($id)
  56. {
  57. return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
  58. }
  59. /**
  60. * @inheritdoc
  61. */
  62. public static function findIdentityByAccessToken($token, $type = null)
  63. {
  64. $uid = null;
  65. switch ($type)
  66. {
  67. case 'yii\filters\auth\HttpBearerAuth':
  68. if(!($uid = AccessToken::getUidByApiToken($token)))
  69. throw new \yii\web\UnauthorizedHttpException("token is invalid.");
  70. break;
  71. case 'common\filters\auth\BearerAuth':
  72. $uid = 1;
  73. preg_match('/^(.*?):(.*?)$/', $token, $matches);
  74. $check = new \components\Secret;
  75. $check->checkSignature($matches[1], $matches[2]);
  76. break;
  77. default:
  78. throw new \yii\web\UnauthorizedHttpException("token is invalid.");
  79. }
  80. return static::findOne(['id' => $uid, 'status' => self::STATUS_ACTIVE]);
  81. //throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
  82. }
  83. /**
  84. * Finds user by username
  85. *
  86. * @param string $username
  87. * @return static|null
  88. */
  89. public static function findByUsername($username)
  90. {
  91. return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
  92. }
  93. /**
  94. * Finds user by password reset token
  95. *
  96. * @param string $token password reset token
  97. * @return static|null
  98. */
  99. public static function findByPasswordResetToken($token)
  100. {
  101. if (!static::isPasswordResetTokenValid($token)) {
  102. return null;
  103. }
  104. return static::findOne([
  105. 'password_reset_token' => $token,
  106. 'status' => self::STATUS_ACTIVE,
  107. ]);
  108. }
  109. /**
  110. * Finds out if password reset token is valid
  111. *
  112. * @param string $token password reset token
  113. * @return bool
  114. */
  115. public static function isPasswordResetTokenValid($token)
  116. {
  117. if (empty($token)) {
  118. return false;
  119. }
  120. $timestamp = (int) substr($token, strrpos($token, '_') + 1);
  121. $expire = Yii::$app->params['user.passwordResetTokenExpire'];
  122. return $timestamp + $expire >= time();
  123. }
  124. /**
  125. * @inheritdoc
  126. */
  127. public function getId()
  128. {
  129. return $this->getPrimaryKey();
  130. }
  131. /**
  132. * @inheritdoc
  133. */
  134. public function getAuthKey()
  135. {
  136. return $this->auth_key;
  137. }
  138. /**
  139. * @inheritdoc
  140. */
  141. public function validateAuthKey($authKey)
  142. {
  143. return $this->getAuthKey() === $authKey;
  144. }
  145. /**
  146. * Validates password
  147. *
  148. * @param string $password password to validate
  149. * @return bool if password provided is valid for current user
  150. */
  151. public function validatePassword($password)
  152. {
  153. return Yii::$app->security->validatePassword($password, $this->password_hash);
  154. }
  155. /**
  156. * Generates password hash from password and sets it to the model
  157. *
  158. * @param string $password
  159. */
  160. public function setPassword($password)
  161. {
  162. $this->password_hash = Yii::$app->security->generatePasswordHash($password);
  163. }
  164. /**
  165. * Generates "remember me" authentication key
  166. */
  167. public function generateAuthKey()
  168. {
  169. $this->auth_key = Yii::$app->security->generateRandomString();
  170. }
  171. /**
  172. * Generates new password reset token
  173. */
  174. public function generatePasswordResetToken()
  175. {
  176. $this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
  177. }
  178. /**
  179. * Removes password reset token
  180. */
  181. public function removePasswordResetToken()
  182. {
  183. $this->password_reset_token = null;
  184. }
  185. }